<?php
session_start();
require_once __DIR__ . '/db/config.php';

if (!isset($_SESSION['user_id'])) {
    header('Content-Type: application/json');
    echo json_encode(['error' => 'Authentication required.']);
    exit;
}

$user_id = $_SESSION['user_id'];
$action = $_GET['action'] ?? $_POST['action'] ?? '';

header('Content-Type: application/json');

try {
    $pdo = db();

    if ($action === 'get') {
        $stmt = $pdo->prepare("SELECT * FROM user_playlists WHERE user_id = ? ORDER BY created_at DESC");
        $stmt->execute([$user_id]);
        $playlists = $stmt->fetchAll();
        echo json_encode($playlists);
    }

    elseif ($action === 'add') {
        $name = $_POST['name'] ?? '';
        $url = $_POST['url'] ?? '';
        if (!empty($name) && !empty($url)) {
            $stmt = $pdo->prepare("INSERT INTO user_playlists (user_id, name, url) VALUES (?, ?, ?)");
            $stmt->execute([$user_id, $name, $url]);
            echo json_encode(['success' => true]);
        }
    }

    elseif ($action === 'delete') {
        $id = $_POST['id'] ?? '';
        if (!empty($id)) {
            $stmt = $pdo->prepare("DELETE FROM user_playlists WHERE id = ? AND user_id = ?");
            $stmt->execute([$id, $user_id]);
            echo json_encode(['success' => true]);
        }
    }

} catch (PDOException $e) {
    echo json_encode(['error' => 'Database error']);
}